Pocket PC Talk Logo

Your Source for the latest news and articles about the Pocket PC!

cheap iPhone cases

Week of September 12, 2004

Virus exploits workaround in Windows Mobile/Pocket PC architecture  (Includes Source Code)

"Airscanner Mobile Security Advisory

Airscanner Corp. has obtained and published the complete, annotated source code to CE.Dust, the first virus to infect the Windows Mobile/Pocket PC platform.

Background

Virus authors have been trying to infect Windows CE for several years. However, CE.Dust had to overcome unique technological barriers in order to infect this platform. By publishing the source code, Airscanner Corp. hopes to help security researchers and programmers develop appropriate countermeasures. Airscanner Corp. received the CE.Dust virus from its author at the exact same time as all other major antivirus companies. However, because Airscanner Corp. specializes exclusively in software reverse engineering for ARM-based processors, we were fortunate enough to be the first antivirus company to analyze the virus and post a fix on July 16, 2004: http://www.airscanner.com/pr/dust0715.html

Source Code

Following our initial publication, we wrote to the virus author and asked him to explain how he managed to be the first to infect this virgin OS. He was kind enough to explain his results in great detail. We have published his source code, along with annotation and our background material, at the following link: http://www.informit.com/articles/article.asp?p=337071

Vulnerability

The virus exploits a unique workaround in the Windows CE.NET security architecture. Windows CE was designed with a protected kernel. User-mode applications are not permitted to interact directly with the kernel. This was designed to enhance the security and stability of Windows CE. However, the "coredll module" resides deep within the kernel. This is the key module that controls all of the core system processes -- as well as all of the necessary ingredients for sucessful virus infection. The CE.Dust virus exploited a clever workaround of the operating system architecture in order to gain access to the coredll module. Specifically, in Windows CE.Net, Microsoft has left the function "kdatastruct" acessible to usermode. This provided the key to the entrypoint of the virus. Full details of this vulnerability are provided in the annotated comments of source code listed in the article above.

Contact

Airscanner Corp.,  http://airscanner.com/ [email protected]

Contributors: Cyrus Peikari, Seth Fogie, Ratter/29A, Jonathan Read" (Source: Press Release)


Posted Saturday, September 18 2004 by ChrisD
Rating: n/a Comments ()

Watch out for HP products on the TV

""We encourage the television production teams to use a variety of HP products - with an emphasis on digital photography, digital entertainment and mobility. That matches well with HP's consumer business initiatives," Selby added. "We focus on building relationships at the studios that give us the opportunity to showcase new HP technologies that might help with their specific TV show. An example would be putting iPAQ Pocket PCs in the hands of police officers or crime scene investigators."

Shows and Devices
The Apprentice2 - iPAQ 4300 series
Las Vegas  - iPAQ 4300 series, iPAQ 5000 series
CSI: Miami  - iPAQ 5000 series
Smallville - iPAQ 5500 series" (Source: Charlie Demerjian, the Inquirer)


Posted Thursday, September 16 2004 by ChrisD
Rating: 2.66 Comments ()

Socket Delivers Powerful New User Interface and Security Features for Pocket PC WLAN Connectivity

"Socket Communications, Inc. (NASDAQ: SCKT), the Mobile Connection™ Company, today announced its WLAN Tools Mobile Edition software for its Low Power CompactFlash and SDIO Wireless LAN cards for Pocket PCs. The software provides a new easy-to-use Graphical User Interface (GUI) with advanced network monitoring capabilities for Microsoft’s Windows Mobile operating system as well as support for WPA (Wi-Fi Protected Access) and WPA-PSK (Pre-shared) security. WPA offers enterprise-class security – an industry standard instituted by the Wi-Fi Alliance – that combines strong encryption, message integrity checking (called “Michael”), and 802.1x authentication.

“With this software we have raised the bar with regard to expected Mobility Friendly™ features for Windows Mobile WLAN connectivity for Pocket PCs,” said Peter Phillips, Socket’s vice president of marketing. “Our WLAN Tools Mobile Edition delivers powerful new features through an enhanced GUI including an easy-to-understand and easy-to-navigate user interface that is aesthetically pleasing while providing a depth of information unlike any other similar utility on the market. Additionally, the product’s strong WPA support enables security-conscious corporations to support mobile devices on their wireless networks and allows mobile workers to be even more productive when ‘on the go’.”

Socket WLAN Tools Mobile Edition is a new Socket wireless LAN utility that provides ease-of-use as well as advanced network statistics not normally seen in Pocket PC WLAN utilities. This new utility is intuitive and graphical in nature, making it very easy for new users to quickly determine if they are successfully connected to a wireless LAN. It also provides real-time monitoring of signal strength, link quality, Internet availability, data rate, packets sent/received, and duration of connection. The utility uses Microsoft’s built-in Wireless Zero Configuration tool for wireless network configuration and profile management. [Note: Pocket PC screenshots of the new software are available upon request.]

Bundled with Socket’s new utility are new drivers for each card that supports Wi-Fi Protected Access (WPA) security. WPA is supported using certificate-based EAP-TLS and EAP-PEAP. WPA with Pre-shared Key (PSK) is also supported for SOHO environments. WPA and WPA-PSK are only supported on Windows Mobile Second Edition as well as on some ROM upgrades of the original Windows Mobile – users will need to check with the manufacturer of their device to see if WPA support is available.

Pricing and Availability
Socket’s WLAN Tools Mobile Edition software is currently available with purchase of the Low Power SDIO and CF WLAN cards through Socket’s worldwide distribution channels. Current owners of these cards can download the new, enhanced software at no charge from the Socket website: http://www.socketcom.com/support/support_wlan.asp" (Source: Press Release)


Posted Thursday, September 16 2004 by ChrisD
Rating: n/a Comments ()

Microsoft, Sendo Settle Smart-Phone Dispute

"The details of the settlement are confidential, but the deal resolves Sendo's claim and a Microsoft counterclaim, and affects actions in the United Kingdom and the United States. Microsoft will surrender its minority shareholding in Sendo—worth around $10 million, or less than 10 percent of the company—and both companies will be absolved of any liability.

Sendo said the decision to settle was primarily commercial. "We're pleased that we've reached this settlement, it saves us a lot of time and money," Marijke van Hooren, Sendo's director of corporate communications, told eWEEK.com. "This is an opportunity to leave the lawsuit behind and focus on the future."

Tom Burt, Microsoft's corporate vice president and deputy general counsel, said in a statement, "We're pleased with this resolution and look forward to continuing to collaborate with phone manufacturers to bring innovative products to mobile customers." " (Source: Matthew Broersma, eWeek)
Posted Wednesday, September 15 2004 by ChrisD
Rating: 4 Comments ()


Asus "MyPal" A716 Pocket PC

"The primary emphasis in today’s PDA market seems to be smaller and lighter.
Many of the newer models seem to be focused on having limited features while
maintaining the smallest profile and lightest weight possible. This appears
to work for most users, but there will always be a certain group of people
who want a Pocket PC with all the features, expansion, and performance they
can get. The Asus A716 is designed for this type of users. A user whose main
objective is all the features and functionality they can get without
worrying about having the tiniest PDA in their pocket. "  (Source: PDAToday)


Posted Monday, September 13 2004 by ChrisD
Rating: 2 Comments ()

Copyright 2004-2010 Chris De Herrera, All Rights Reserved
A member of the Talksites Family of Websites
All Trademarks are owned by their respective companies.